Posted
by
Zonk
on Friday June 09, 2006 @03:26PM
from the please-enjoy-your-life-citizen dept.

bitkid writes "Reuters reports that the Court of Appeals for the District of Columbia Circuit rejected a petition aimed at overturning a FCC decision requiring broadband providers and others that offer Internet telephone service to comply with wiretap laws. According to the court, private networks would not be subject to the wiretap requirements. Just the same, networks connected with a public network would have to comply with the law." From the article: "The court concluded that the FCC requirement was a 'reasonable policy choice' even though information services are exempted from the government's wiretapping authority."

> >
Won't work, they'll tap you at the first hop (the cable company's router) if they have to.
> > Nahh they'll just throw you in jail on suspicion of being a terrorist, and a judge will claim contempt until you give them the encryption keys.

"Settle down, you two. This isn't 'either/or' thing!"- Your Government

Nahh they'll just throw you in jail on suspicion of being a terrorist, and a judge will claim contempt until you give them the encryption keys.

IANAL but I've been told by one that it is often to your benefit in certain situations to plead the 5th, refuse to testify, or if they won't allow for that claim ignorance that you have fogotten even though you will end up with some type of punishment or contempt in court.

But only if the punishment of what the crime is if it outweighs the charge of contempt.

The truth of the conversation was whether or not it was ok to refuse to take a breathalyzer test. If you refuse to take it, you can get your license supsended up to 12 months, but if you take it and were convicted of drunk driving you could face jail time plus 5 years suspension...

Now don't everyone go refusing breath tests now because these laws vary state to state, but the lawyer also told me without hard evidence it is easier to me off (errr don't ask) with a judge or jury because beyond reasonable doubt means there is real evidence that you commited a crime... Not hearsay that since you refused the test that you must be drunk.

However... Like I said before talk to your lawyer if you really want to know about the rules of this in your state (some states have refusal means a lot more)

So to apply to this situation and the moral of this situation... If you ever find yourself in a room full of FBI agents demanding your encryption keys... Explain to them it is your constitutional right (the 5th) to remain silent and you wish to speak to your lawyer so he can advise you how to proceed.

If a judge is ordering your encryption keys to be released, then have a frank discussion with your lawyer over whether or not the information that is contained on those drives will get you more jailtime if convicted than jailtime for refusing to comply.

Although... If you find yourself strapped on a table with a room full of NSA or CIA agenents with one of them weilding a cattle prod and other asking for those keys in a stern german accent... Well... Best of luck then.

IANAL but I've been told by one that it is often to your benefit in certain situations to plead the 5th, refuse to testify, or if they won't allow for that claim ignorance that you have fogotten even though you will end up with some type of punishment or contempt in court.

Yep! Mod parent up! While IANAL, I do know you do have a Constitutional right to not incriminate yourself. They can't make you do anything.

Although... If you find yourself strapped on a table with a room full of NSA or CIA agenents with one of them weilding a cattle prod and other asking for those keys in a stern german accent... Well... Best of luck then.

"Although... If you find yourself strapped on a table with a room full of NSA or CIA agenents with one of them weilding a cattle prod and other asking for those keys in a stern german accent... Well... Best of luck then.""Well... That's what truecrypt is for."

Um... someone ought to be reminded to never, ever mention Truecrypt in this context again (i.e., imprisonment and other sundry legal sanctions), unless one wants to cue another endless onslaught of:

I'm repeating what someone else remarked here when I say there is a solution. Given the privacy climate, it might also become the standard encryption strategy. Follow this: You have a regular private key which does decrypt, and a fake 'I've been caught' key which decrypts into something innocuous.

Add features to make it indistinguishable(can this be done??) from the regular decryption, and I think what you end up with is actual privacy. Although with one very upset government on our hands, but that's another day.

IMHO the government has severely shot itself, and by extension, us in the footal region by overreaching and prompting this flavour of technical reaction. This is an irreversible response...when lowly citizens taste their first control over their personal data, there's no reason, from their perspective to go back. Is there?

"Well since I know I'm doing nothing wrong, there's no reason for my info to be examined. Since it's now my choice, I'll keep encypting"

What you describe with a fake key is not possible. I would suggest reading up on symmetric key cryptography.

While I suppose it is possible to use a crypto PROGRAM that spews out innocuous text in response to your fake key, the government investigators will most certainly be decrypting the cyphertext with their own application. The crypto algorithms just perform a series of mathematical operations on either a block of data or a stream of data. There is no known way to make one instance of cyphertext decrypt into two different sensible plaintext outputs depending on which of two keys are used. I suppose someone could design an algorithm to do this, but it sure as hell won't be easy.

No existing crypto algorithm in wide use has the ability to do what you describe (not Rijndael, not DES, nothing). Using your fake key on the real cyphertext will return a bunch of gibberish, which will make it very obvious that you gave them a fake key.

You might want to look into something else. There is a related field, stenography, which deals with hiding the existence of your data. Combining good encryption with good stenography can make it very difficult to discover you data, as an attacker would have to find it first, then attempt to decrypt it. Handing over your crypto keys doesn't do anyone any good if they cannot find coherent cyphertext to decrypt.

If decrypting the same data into two believable outcomes isn't possible, how about this: given a block of encrypted binary data, up to a half of the volume is the "real" data (but encrypted), and an identical amount is "fake" data. When the "real" key is used, the "real" data is decrypted, but when the "oh no, I'm caught" key is used, the "fake" data is decrypted into something innocuous. In both cases, you are left with a indecypherable block of gobbledigook along with the decrypted data.This seems very po

I am not a fan of this. It's like having the business cards of all major heroin dealers in the country all stashed in your desk.

It's a lot easier to require encrypted communication from the website/service you're accessing. Market forces. But it will not happen until the people at MySpace can understand the need for this, and that won't be soon.

To any rational person, it doesn't follow that if terrorists use encryption, then everyone who uses encryption is a terrorist. Of coarse, that won't stop the government from making that logical leap...

It doesn't matter if the government makes that leap if your jury qualifies as rational people. Assuming, of course, that you're a rational person (in which case, you're not a terrorist), you could demand that a jury of your peers specifically refer to rational people.

Of course, there's a reason we have Guantanamo Bay. I'd imagine most powerful countries have concentration camps as well, or some equivalent convenient holding area for political prisoners.

Most encryption can be broken, especially when it is something that has to be done quickly for time sensitive applications, like VoIP data (computation time is bad when you're talking in real time). If the government wants the information bad enough, they'll dissect it.Even then, you might well be surprised at how many people just use Vonage to talk about committing a crime, just like they use normal phones today.

The smart ones will encrypt, of course. They may even use good encryption. But scrambled data i

especially when it is something that has to be done quickly for time sensitive applications

The hardest part with encryption is generating the key to encrypt the rest of the data with, not the encrypting itself. Given that, you can pre-generate the keys in the background, only activating them when it's time.

Most encryption can be broken, especially when it is something that has to be done quickly for time sensitive applications, like VoIP data (computation time is bad when you're talking in real time). If the government wants the information bad enough, they'll dissect it.

Bullshit. AES is fast enough to be done in a few milliseconds for the block sizes that VoIP needs. The main latency is still from you to your ISP.

If the spooks managed to break AES and actually used it to prosecute anybody, they'd have a pretty hard time keeping it a secret. My guess is that unless you are doing something really bad(tm), they would let you get away or find another angle to nail you from, rather than tip their hand.

Encryption is fine when you're connecting peer-to-peer... but connect as secure as you want to a VoIP-to-phone provider, they'll have to hand over your unencrypted stream at the point they're decrypting it to get to the PSTN.

Bruce Schneier once said, of his own work, that he and his colleagues started out with the idea that cryptography was a sort of magic security dust that you could sprinkle on the world and make problems go away. But the more they explored the subject, the more they came to realize that was a false idea.Encryption has its uses, sure, but it isn't easy. How do you plan to distribute keys, for instance? How do you keep people following reliable security protocols and avoid social engineering attacks? It's

Of course, accepting those arguments rather destroys the idea of thinking of the courts as either the guardians of justice or the guardians or our rights, or anything else that is traditionally used to justify their existence. It instead turns them into the guardians of the status quo, provided it's supported by those in power. (I.e., not EVEN just the guardians of the status quo, but only a restricted subset of that which doesn't much need guarding.)

But he quoted various laws (that I never agreed to or authorized any of my "representatives" to agree do [Here representatives refers to "representational democracy" and refers to not only members of the House, but also to Senators and elected members of both the judiciary and the executive branch]). There is a totally insane number of laws, so I accept that he quoted the laws accurately. That has nothing to do with justice, but only with legalism.

If I accept that he ruled as the laws and procedures require, then I am simultaneously accepting that the court system is intrinsically void of justice. That though justice may occasionally be found there, it is purely by happenstance. His ruling made NO appeal to justice. ALL that was mentioned was laws and precedents. Now there are enough varied precedents that generally lawyers on both sides of any case can quote precedents to support their point of view, so any appeal to precedent without a simultaneous demonstration of how this precedent yield justice in this situation is immediately suspect. When the decision itself appears to be without justice, then it is imperative that the court demonstrate how it actually *is* just. I did not find that in the file.

Obviously, IANAL. I *am* a citizen. And decisions like this one have left me two steps short of voting the straight anarchist ticket. (A useless gesture, admittedly, and that's good, since any avowed anarchist who is a party member is an obvious hipocrite...well, unless they are syndicalist or some such. They make me want to agree with the Nihilists, but I remember how that led to Stalin.)

Given judgements like this, I can understand why the feds are so anxious to render jury trials impotent. Corrupt to the core.

...and would like to take this opportunity to freely voice my ardent support for the current administration, congress, judiciary and the brave men and women at homeland security. You make it possible for me to have no alternative but to state my views thusly from now on when in public. Thanks a bunch.

... or is everything technology-related thing that the US government touches in the past few years pretty much a travesty? How long before some of these lawmakers start dying off from old age and natural causes, because apparently they'll never get out of office any other way (being voted out for disgusting behaviour, and repeatedly failing the citizens they're intended to serve)

How long before some of these lawmakers start dying off from old age and natural causes

So at this point, you have basically given up. What ever happened to the America I used to know, which questioned and challenged every thing and fought for its rights? I sincerely do hope you are not in your 20s or younger. Because if you are, God really save America!

>What ever happened to the America I used to know, which questioned and challenged every thing and fought for its rights?

It got overrun with Idiot's, Retard's, Corupt politicians and Buisnessmen as well as Corperations and Lobbyists, Not to mention Copyright abusers and patent graber's and Law's giving so much power to the Richest most corupt of the aformentioned.

Which hasn't been helped by thoughs of the rest who should know better and be very alarmed to the point of rebel

That goddamn neocon has taken more liberties from us in the past 6 years then the combined total of all presidents. All in the name of fighting Global terrorism. Fucking please.....

Congress(House) votes down Net neutrality in the name of better service to consumers (fucking corporate profit!!!!!!) and more censorship than China I'll bet....Republicans are facistsDemocrats are Socialists.Liberatarians(sp?) are nutbags...Green Party is for saving pigeons...

Damn isn't there a party left for the common man......

The only people who have it good in this country or lying politicians, corporate whores, scumbag lawyers, and slimy lobbyists...

...has taken more liberties from us in the past 6 years then the combined total of all presidents

While I will agree with most recent presidents, I think the alien and sedition acts enacted by our second president (and first vice-president) still trumps this. But he seems to be working on it (the Alien Enemies Act and Alien Friends Act seem to be revived, just using "enemy combatant" instead of alien).

While the movie may not have been a critical success, they the makers did not develop the most interesting part of the plot, I came out of the movie saying to my wife that this was they way I saw America and its government changing. My wife hates politics and think rosy thoughts usually, and even she was agreeing with me.

Yes, it's called the Koncern for Egalitarian Governance party, better known by it's acronym:

K.E.G.

We belive in free, rambling speech; the right to bear forearms; freedom from "staying the night"; freedom to search any unreasonably gifted females; the right to refuse to answer the ociffer no mater how CUTE she is; the right to the walk of shame from your roomates; freedom to take your ex-b1tch before Judge Joe Brown; and freedom from the local d

When not abused by a fascist ass like Bush. However, let's not kid ourselves here. VoIP is the future of telecom. The court knows this too and said that it's within the spirit of the law. The great thing about the Internet is that VoIP might actually balkanize to the point that it'll be harder for the government to keep track of all of the different protocols, but as long as they are theoretically wiretappable, it should be fine legally.

Wiretapping is a legitimate power with a court order, as per the 4th Amendment. It was the 4th Amendment which granted the power to search in the first place.

And the problem with "a fascist ass like Bush" is that any power granted to any level of government will be abused. No matter how noble the present office holder is, there will be a fascist little twit there at some point.

That is why granting power to government doesn't work. It has never worked. Leviathan always grows, always gains more power to itself. Any "emergency" power today will be tomorrows "Legitimate Power". That's why the American Constitution has no provision for suspension of said Constitution. If it did, an "emergency" would be quickly manufactured and those Constitutional limitations on government power forsaken.

There are those who see "illegal combatant" as just another excuse for an abuse of power they want to do anyway.

Back in the day, witetapping was for phones, for some phones (because the tech wasn't there to snoop en masse), and it impacted most people not at all. It was a tool against crooks.Nowadays and increasingly, we are going to be always online, always interconnected, sending and recieving, and faced with interception that could theoretically be continuous - a panopticon. Or, we could decide that the government can no longer own that power, and snatch it back from them.

Not just because I think that government (politicians) is not able to deal with change or technology, but because they will now have a reason to become technology savvy. With the proper warrant, a wire-tap on a phone has been acceptable in the past. Once they get the technology down pat, the only way to make sure that you are not tapped is to hide everything, and that is simply not how it was meant to be. In a wild thought, if you look at the US constitution, and the 'right to bear arms' issue, while the founders never envisioned the Internet, I'm PRETTY DAMNED CERTAIN (TM) that they would be alright with using your own encryption, or any other means of self armament to protect you from too much government intrusion in to your daily life.

I'm waiting for this issue to get tested in the court system..... I think its a constitutionally granted rights issue, not a simple matter of being able to 'hunt for terrists' at will. The rights of law abiding free men and women, necessarily uphold the rights of criminals to the same treatment. Changing that status quo means treating the law abiding people as criminals, and that is wrong.

The scariest part is that while a judge can say one way or the other, there is currently no manner for the people, the courts, or anyone else to manage how the government does such things. By that, I mean that there is no technically savvy oversight of such activities... sort of the ignorant being in charge of a group of hackers with malice in mind. We know where that will lead....

Ok, so the VPN circuit is fair game and subjet to be monitored, what if you use heavy end to end encryption? Are you committing some abstract act of 'interference with the authorities' and inviting a raid?